it.ucsf.edu

Security Update:Critical Vulnerability in Atlassians Confluence, Bamboo, FishEye and Crucible

Status Type

Security Update

Date and Time

Wednesday, January 21, 2015 - 16:41

Reason

Security Update

Impact

Atlassian Software Users

WHAT HAPPENED?

Atlassian released updates to address a Critical vulnerability in Confluence, Bamboo, FishEye, and Crucible.

Advanced Users: For a complete description of the security enhancements and affected software refer to:



AFFECTED SYSTEMS:

  • Confluence up to and including 5.6.
  • Bamboo up to and including 5.7
  • FishEye up to and including 3.6.1
  • Crucible up to and including 3.6.1
     

 

WHAT'S THE PROBLEM?

If exploited, attackers can use this vulnerability to execute Java code of their choice.


HOW DO I PROTECT MY COMPUTER?

Update your software

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your computer, refer to Atlassian’s bulletin(s) for specific software on how to obtain the latest updates for your specific software or workarounds if you're not able to upgrade immediately.



RELATED LINKS